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Abstract. This paper introduces a propositional encoding for lexico- 
graphic path orders in connection with dependency pairs. This facilitates 
the application of SAT solvers for termination analysis of term rewrite 
systems based on the dependency pair method. We address two main 
inter-related issues and encode them as satisfiability problems of propo- 
sitional formulas that can be efficiently handled by SAT solving: (1) the 
combined search for a lexicographic path order together with an argu- 
ment filtering to orient a set of inequalities; and (2) how the choice of the 
argument filtering influences the set of inequalities that have to be ori- 
ented. We have implemented our contributions in the termination prover 
AProVE. Extensive experiments show that by our encoding and the ap- 
plication of SAT solvers one obtains speedups in orders of magnitude as 
well as increased termination proving power. 



1 Introduction 

In recent work [5], Codish et al. introduce a propositional encoding of lexico- 
graphic path orders (LPO) and demonstrate that SAT solving can drastically 
speedup the solving of LPO termination problems. The key idea is that the 
encoding of a term rewrite system (TRS) 1Z is satisfiable if and only if 1Z is 
LPO-terminating and that each model of the encoding indicates a particular 
LPO which orients the rules in 1Z. However, lexicographic path orders on their 
own are too weak for many interesting termination problems and hence LPO 
is typically combined with more sophisticated termination proving techniques. 
One of the most popular and powerful such techniques is the dependency pair 
(DP) method .2;. Essentially, for any TRS the DP method generates a set of 
inequalities between terms. If one can find a well-founded order satisfying these 
inequalities, then termination is proved. A main advantage of the DP method is 
that it permits the use of orders which need not be monotonic. This allows the 
application of lexicographic path orders combined with argument filterings. 

For every function symbol /, an argument filtering tt specifies which parts of 
a term /(. . .) may be eliminated before comparing terms. In recent refinements 
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of the DP method |9I2U| , the choice of ir also influences the set of usable rules 
which contribute to the inequalities that have to be oriented. As stated in |14) . 
"the dependency pairs method derives much of its power from the ability to 
use argument filterings to simplify constraints" . However, argument filterings 
represent a severe bottleneck for the automation of dependency pairs, as the 
search space for argument filterings is enormous. 

This paper extends the approach of [3] by providing a propositional encoding 
which combines the search for an LPO with the search for an argument filtering. 
This extension is non-trivial as the choice of an argument filtering tt influences 
the structure of the terms in the rules as well as the set of rules which contribute 
to the inequalities that need to be oriented. The key idea is to combine all of the 
constraints on n which influence the definition of the LPO and the definition of 
the usable rules and to encode these constraints in SAT. This encoding captures 
the synergy between precedences on function symbols and argument filterings. In 
our approach there exist an argument filtering ir and an LPO which orient a set of 
inequalities if and only if the encoding of the inequalities is satisfiable. Moreover, 
each model of the encoding corresponds to a suitable argument filtering and a 
suitable LPO which orient the inequalities. 

After presenting in Sect. [2] the necessary preliminaries on LPO and on the 
DP method, Sect. |3] extends the approach of |S] to consider argument filterings. 
Sect. 0] shows how to extend this encoding to take into account the influence of 
an argument filtering on the set of usable rules. In Sect. El we describe the im- 
plementation of our results in the termination prover AProVE an d provide 
extensive experimental evidence which indicates speedups in orders of magni- 
tude. We conclude in Sect. [5] 

2 Preliminaries 

This section briefly describes the starting points for the rest of the paper: propo- 
sitional encodings for lexicographic path orders |5ll7j and the dependency pair 
framework |2I1UI14| . We refer to |3] for further details on term rewriting. 

We assume an algebra of terms constructed over given sets of symbols J- 
and variables V. Let >jr denote a (strict or non-strict) partial order on T (a 
so-called 'precedence) and let ~f denote the corresponding equivalence relation. 
We denote by ~ the equality of terms up to equivalence of symbols. Observe that 
if >jr is strict then «jr and ~ are the identity of symbols and terms respectively. 
Each precedence >jr on the symbols induces a lexicographic path order on terms. 

Definition 1 (LPO [16 ). The lexicographic path order >~lpo on terms in- 
duced by the partial order is defined as s = /(sx, . . . , s n ) >-lpo t if and only 
if one of the following holds: 

1. t = g(ti, . . . ,t m ) and s >lpo tj f or all 1 < j < m and either 

(i) f ' >r 9 or (ii) f Wjr g and (si, . . . , s n ) >~ l £p (h, . . . ,t m ) ; or 
2- Si ^Zlpo t for some 1 < i < n. 



2 



Here y l £po * s ^ e lexicographic extension oJ>~lpo to tuples of terms and fZiPO 
is the union of >-lpo and ~. 

The classical approach to prove termination of a TRS 1Z is to find a reduction 
order >- which orients (I )~lpo t) all of the rules I — > r in 1Z. A reduction order 
is an order which is well-founded, monotonic, and stable (closed under contexts 
and substitutions). In practice, most reduction orders amenable to automation 
are simplification orders [7], i-e., they contain the embedding relation > e mb- 

The lexicographic path order is one of the most prominent simplification 
orders and raises the associated decision problem: For terms s and t, does there 
exist a precedence > jr such that s >- lpo t holds? This decision problem comes 
in two flavours: "strict-LPO" and "quasi-LPO" depending on whether >jr is 
required to be strict or not. In the authors observe that finding >jr such 
that s y lpo t is tantamount to solving a constraint obtained by unfolding the 
definition of s >~lpo t. 

As an example, let T = { — ,+,*}. Then there exists a strict precedence 
such that —(a; + y) >-lpo (— %) * (~y) if and only if the partial order constraint 
(— >jr *) V ((+ >jr *) A (+ >jf — )) has a solution. In J7| the authors show how 
such constraints can be encoded into prepositional formulas. These formulas are 
satisfiable if and only if there exists a suitable partial order. A substantially im- 
proved encoding from such partial order constraints into propositional formulas 
is presented in 

However, it is well known that lexicographic path orders on their own are 
not very powerful for proving termination. 

Example 2. Consider the following TRS 1Z for division on natural numbers [2] ■ 

minusfx, 0) — > x (1) quot(0, s(y)) — > (3) 

minus(s(a;),s(y)) — > m\nus(x,y) (2) quot(s(s), s(y)) — > s(quot(minus(a;, y), s(y))) (4) 

Rules {Q - can easily be oriented using an LPO, but rule (@J cannot. To see 
this, observe that if we instantiate y by s(x), we obtain quot(s(x), s(s(x))) -< e mb 
s(quot(minus(a;, s(x)), s(s(x)))). Thus, no simplification order can show termina- 
tion of 1Z. This drawback was the reason for developing more powerful approaches 
like the dependency pair method. 

The dependency pair framework jlU) is a modular reformulation and im- 
provement of Arts and Giesl's dependency pair approach |2] which was also 
inspired by related work in |4I14| . To ease readability, the following presentation 
is slightly simplified yet sufficient to state the contributions of this paper. For 
further details on the dependency pair framework see [TU|. 

For a term rewrite system 1Z over the symbols J 7 , the set of defined symbols 
T>tz C T is the set of all root symbols of left-hand sides of 1Z. With each defined 
symbol / € T>n we extend the signature T by a fresh tuple symbol F. For 
each rule /(si, . . . , s„) — > r in a term rewrite system 1Z and for each subterm 
g{ti, ...,t m ) of r with g e T> n , F(si, . . . , s„) — > G(t\, . . . ,t m ) is a dependency 
pair, intuitively indicating that a function call to / may lead to a function call 
to g. The set of dependency pairs of 1Z is denoted DP(1Z). 
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Example 3. Recall the term rewrite system from Ex. [21 The defined symbols are 
minus and div and there are three dependency pairs: 



M[NUS(s(aO,s(y)) -> MINUS(a;,j/) 
QUOT(s(a;),s(y)) -> MINUS(x, y) 
QUOT(s(a5),s(y)) QUOT(minus(a:, y), s(y)) 



(5) 
(6) 
(7) 



The main result underlying the dependency pair method states that a term 
rewrite system 1Z is terminating if and only if there is no infinite (minimal) 
TZ-chain of its dependency pairs DP{1Z) 2 . In other words, there is no infinite 
sequence of dependency pairs s\ — > £i, fla — ► ta, . • ■ from DP(TZ) such that for all i 
there is a substitution Oi where Uo~i is terminating with respect to 1Z and t^Oi — >^ 
Si+iCTj+i. To prove absence of such infinite chains automatically, we consider so- 
called dependency pair problems. A dependency pair problem (V,7Z) is a pair 
of term rewrite systems V and 1Z and poses the question: "Is there an infinite 
7\L-chain of dependency pairs from VT' The goal is to solve the dependency pair 
problem (DP(1Z). TV) in order to determine termination of 1Z. 

Termination techniques now operate on dependency pair problems and are 
called DP processors. Formally, a DP processor Proc takes a dependency pair 
problem as input and returns a new dependency pair problem which then has to 
be solved instead. A processor Proc is sound if for all dependency pair problems 
(V,7Z) where Proc(V,7Z) = (V',1Z), there is an infinite 7?.-chain of pairs from 
V' whenever there is an infinite 7?-chain of pairs from V . Soundness of a DP 
processor is required to prove termination and in particular, to conclude that 
there is no infinite 7?.-chain if Proc(P, TZ) — (0, 1Z). 

So termination proofs in the DP framework start with the initial DP prob- 
lem (DP(1Z),1Z). Then the DP problem is simplified repeatedly by sound DP 
processors. If one reaches the DP problem (0,7?.), then termination is proved. 
In the following, we present one of the most important processors of the frame- 
work, the so-called reduction pair processor. Additional processors are described 



For a DP problem (P,7Z), the reduction pair processor generates inequality 
constraints which should be satisfied by a reduction pair (£3, >-) |18j where £3 is 
reflexive, transitive, monotonic, and stable and y is a stable well-founded order 
compatible with £3 (i.e., ^3 o y C ^ or ^ o C y). However, y need not be 
monotonic. A typical choice for a reduction pair y) is to use simplification 
orders in combination with argument filterings |2] (we adopt notation of |18| 'l . 

Definition 4 (Argument Filtering). An argument filtering ir maps every n- 
ary function symbol to an argument position i G {l,...,n} or to a (possibly 
empty) list [ii, . . . ,i p ] with 1 < i± < • • • < i p < n. An argument filtering it 
induces a mapping from terms to terms: 



in 10.. 
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For a relation y on terms, let y™ be the relation where s y* t holds if and only 
if it(s) >- 7r(t). An argument filtering with ir(f) = i is called collapsing on /. 

Arts and Giesl show in [2] that if (£3, >-) is a reduction pair and ir is an 
argument filtering then Qz™ , y*) is also a reduction pair. In particular, we focus 
on reduction pairs of the form {^Zl PO , ^lpo) to prove termination of examples 
like Ex. |21 where the direct application of simplification orders fails. 

The constraints generated by the reduction pair processor require that (a) 
all dependency pairs in V are weakly or strictly decreasing and, (b) all usable 
rules UifP \1Z) are weakly decreasing. Here, a rule /(. . .) — > r from 1Z is usable 
if / occurs in the right-hand side of a dependency pair from V or of a usable 
rule. In Ex. [21 the symbols occurring in the right-hand sides of the dependency 
pairs © — are MINUS, QUOT, s, and minus. Therefore the minus-rules 
and J2J) are usable. Since the right-hand sides of the minus-rules do not contain 
additional symbols, these are in fact all of the usable rules. Hence, the quot-rules 
© and (0J are not usable. 

As shown in | 15I2(J| . under certain conditions on the reduction pair, Restric- 
tion (b) ensures that in chains s\ — > ti,S2 —> ^2,-- - with tiUi — Si + \Ui + i, 
we have Uo~i £3 Si+iUi+i. The required conditions hold in particular for any re- 
duction pair constructed using simplification orders and argument filterings and 
specifically for QZlpoi ^lpo)- Hence, the strictly decreasing pairs of V cannot 
occur infinitely often in chains. This enables the processor to delete such pairs 
from V . 

In the following, for any term rewrite system Q and relation y, we denote 
Q y = {s^teQ\sy t}. 

Theorem 5 (Reduction Pair Processor). Let (£3, y) be a reduction pair for 
a simplification order y and let tt be an argument filtering. Then the following 
DP processor Proc is sound. 



Proc{V, K) 



{V \ TV , ft) if ?V UVy*=V and TZy, D U(V, K) 
(V, TV) otherwise 



Example 6. For the term rewrite system of Ex. [21 according to Thm.[^]we search 
for a reduction pair solving the following inequality constraints. 

minus(x,0) £ x (8) 

minus(s(a;), s(y)) £3 minus(s, y) (9) 

MINUS(s(a:),s(j/)) fa M\NUS(x,y) (10) 

QUOT(s(jc),s(y)) fa MINUS(x,y) (11) 

QUOT(s(x),s(y)) fa QUOT(minus(ar,i/),s(»)) (12) 

Following Thm.JSJ all of the inequalities (|10|l - l|12|) which are strictly decreasing 
can be removed. To solve the inequalities we may take fcjpo, ^Jpo) wnere 
7r(minus)=l, 7r(s)=7r(MINUS)=7r(QUOT) = [l], and where ^lpo an( l >~lpo are 
induced by the partial order QUOT >jf MINUS. For this choice, inequalities 
l|10 [l -(|12 [l are all strict and hence removed by the reduction pair processor. This 
results in the new DP problem (0,1Z) which proves termination of Ex. [21 
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We conclude this brief description of the dependency pair framework with a 
statement of the central decision problem associated with argument filterings, 
LPO, and dependency pairs: 

For a given dependency pair problem (V, 1Z), does there exist a reduction 
pair QZlpq, ^j[po) f° r some argument filtering tt and lexicographic path 
order induced by some partial order > yr such that all rules in V and in 
1Z are weakly decreasing and at least one rule in V is strictly decreasing? 

In the following section we show how to encode constraints like "s >-\ PO t" 
and "s ^3jp t" as propositional formulas. Given such an encoding enables 
to encode the decision problem stated above as a SAT problem. Based on the 
solution of the SAT problem one can then identify the dependency pairs which 
can be removed from V '. 



3 Encoding LPO and Argument Filtering 

In this section we consider lexicographic path orders with argument filterings and 
the corresponding decision problem. Consider first a naive brute force approach. 
For any given argument filtering tt we generate the formula 

The constraints u n(s) ^Zlpo ^(i)" and "7r(s) >lpo can be encoded as 

described in Sect.|2 Then SAT solving can search for an LPO satisfying (|13|l for 
the given filtering n. However, this approach is hopelessly inefficient, potentially 
calling the SAT solver for each of the exponentially many argument filterings. 

A contribution of this paper is to show instead how to encode the argument 
filterings into the propositional formula and delegate the search for an argument 
filtering to the SAT solver. In this way, the SAT solver is only called once with 
an encoding of Formula and it can search for an argument filtering and for 
a precedence at the same time. This is clearly advantageous, since the filtering 
and the precedence highly influence each other. 

So our goal is to encode constraints like "s >-\pq t" (or "s ^Zlpo 
propositional formulas such that every model of the encoding corresponds to a 
concrete filtering 7r and precedence >f which satisfy "s >-\pq t" ( or " s ^Zlpo 
t"). We first provide an explicit definition which then provides the basis for 
specifying partial order and argument filtering constraints, satisfaction of which 
give "s >-\pq t n (or "s ^Jp G i"). The essential differences with Definition ^are 
two: each of the two cases of Definition ^ are refined to consider the effect of 7r; 
and we use the weak version ^3jpo of the order instead of equivalence on terms. 

Definition 7 (LPO modulo tt). Let >jr be a (strict or non-strict) precedence 
and let tt be an argument filtering on T . Let x denote a variable. 
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(I) The induced lexicographic path order ^ LPO on terms is defined as follows: 
s = f(s\, . . . , s n ) >-J j po t if and only if one of the following holds: 

1. t = g(t\, . . . , t m ) and 

(a) ir(g) = j and s >-\ PO tj; or 

( b ) *"(/) = [h, -,i P ], 7r(ff) = -,jq], s ylpo tj for all j £ \j x , . . .,j q ], 
and either (i) f >jr g, or 

(H) f ~r 9 and (s ll ,...,s ip ) (t jl ,...,t Jq ); or 

2. (a) 7r(/) = i and Si >-\po t; or 

( b ) n(f) = [h,-->,i P ] and for some i £ [h, . . . ,i p ], (s, >f LPO t). 
(II) For tuples of terms we define (si, . . . , s n ) y^'pQ (ti, ■ ■ ■ , t m ) iff n > and 

(a) m = or 

(b) m>0 and {{s\ >-\ PO h) V ((si >f LPO h) A (s 2 , ... , s n ) ^I'po (*2,— ,*m)))- 
(III) !Zlpo and {Zl' P q are defined in an analogous way to >-\ P q and >-^£pq: 

(a) replacing >-\ P q by ^Zlpq in (I) 1(a) and 2(a); and 

(b) adding the case x ^zTlpo #(*i> ■ • • ) *m) iff 77 (d) = j and x ^[ PO tj and 
the case x ^Zlpq x to (I); and 

(c) replacing >-^pq by {Zl'pq in (I), (II) and adding () ^Zl'po t° (W- 

It follows directly from Definitions and that for all terms s and t we 
have s > LPO t ""( s ) >lpo 7r(t) and s )z L p t n(s) ^lpo 7r(t). 

The decision problem associated with Def. is stated as follows: For terms s 
and t, does there exist a partial order >jr and an argument filtering tt such that 
s r-Lpo t resp. s ^Zl P q t holds. This problem again comes in two flavours: "strict- 
LPO" and "quasi-LPO" depending on if is required to be strict or not. Our 
aim is to encode these decision problems as constraints on >jr and 7r, similar to 
the encoding of s >-lpo t as a partial order constraint in Sect. [21 The difference 
is that now we have two types of constraints: constraints on the partial order >jr 
and constraints on the argument filtering tt. To express constraints on argument 
filterings we use atoms of the following forms: K 7r(/) = i" to constrain tt to map 
/ to the value i; "7r(/) 9 i" to constrain tt to map / either to a list containing i 
or to i itself; and "list(Tr(f))" to constrain tt to map / to a list. So "list(Tr(f))" 
means that tt is not collapsing on /. 

Each of the cases (I) - (III) in Def. induces an encoding to constraints on 
partial orders and argument filterings. In the following definition, we illustrate 
the encoding of s >~\ PO t for the case of strict-LPO with argument filterings. 
The encoding for s [Zlpq t and the encodings for quasi-LPO are defined in 
a similar way. In the following definition, rx a , ti& and Ti are the parts of the 
encoding corresponding to cases 1(a), 1(b) and 2(a-b) in Def. 0(1). 

Definition 8 (Encoding strict-LPO with Argument Filterings). The 

strict-LPO encoding of s >-\pq t is a mapping r from pairs of terms s and t 
to constraints defined by the rules depicted in Fig.^\ (where x denotes a variable). 

Example 9. Consider the first arguments of QUOT in dependency pair J7J. Using 
Def. [SI after simplification of conjunctions, disjunctions, and implications with 
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Encoding I: 

t(s yl P o t) = r la (s yl PO t) V T lb {s >-lp t) \J r 2 (s >-l PO t) 

Tla(x >\po t)=Tl b (x >\po t)=T 2 {x ^I PO t)=Tla(s >\p x)=T lb (s >~l PO x)=false 

n a (s >Ipo g(ti, • • • , t m )) = \J f (tt(s) = j) f\ t(s yl PO tj)J for non-variable s 

1 < j < m 

n b (f(s u ...,s n ) ylp g(h, t m )) = list^if)) A Ust^g)) A(/ >r g) A 

1, . . . , S n ) r~LPO tj) f° r f ^ 9 

1 < j < m 

r 16 (/( Sl ,...,s n ) ^J PO f(ti,...,t„) = list(Tr(f))/\ 

t({si, . . . , s„) y^poj 

l<j<n 

r 2 (/(si,... ;S „)^ PO t)= \/ ((7r(/)=i)A r ("* > -^o«)) V 

l<i<n 

Kflt(ir(/)) A \/ (tt(/) 3 ») A r( Sl fcZ PO t) j 

V l<i<n I 

Encoding II: 

t((s,, . . . , s n ) y^'po f (*»> • ■ • ' *n» = false if n = else 

(M/) i*)A^U ^Ipo *0)V 

( ( 0(/) i *) -» fciPO *») ) A T«»i+1> ■ • ■ , S„) ^I'poj (U+l,- ■ ■ , *n))J 

Fig. 1. Encoding LPO with Argument Filterings 

true and false we obtain: 

t(s(x) >-\po minus(x, y)) = (-7r(minus)=l A list(ir(s)) A 7r(s) 3 1) 
V(list(Tr(s)) A Zisi(7r(minus)) A (s >jf minus) A 
(Tr(minus) 31-» list(Tr(s)) A tt(s) 3 1) A -.(^(minus) i 2)) 

Thus, s(x) >-\po minus(x, j/) holds if and only if minus is collapsed to its first 
argument and s is not filtered or if s and minus are not collapsed, s is greater 
than minus in the precedence, and the second argument of minus is filtered and 
whenever minus keeps the first argument then s keeps the first argument, too. 

We proceed to describe how partial order and argument filtering constraints 
are transformed into propositional logic. The prepositional encoding of partial 
order constraints is presented in more detail in 

Let \T\ = m. Then the basic idea is to interpret the symbols in T as indices 
in a partial order taking finite domain values from the set {l,...,m}. Each 
symbol / G T is thus modeled as (//., . . . , fx) with ff. the most significant bit 
and k = [log 2 m] . The binary value of (ff., ■ ■ ■ , fx) represents the position of / in 
the partial order. One may of course have (/fe, • • ■ , /i) = (<?&, ■ ■ ■ , <7i) for / ^ g, 
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if, for example, a (strict) partial order imposes no order between / and g, or if 
a non-strict partial order imposes / «jr g. Constraints of the form (/ >jr g) or 
(/ g) on T are interpreted as constraints on indices and it is straightforward 
to encode them in fc-bit arithmetic: A constraint of the form (/ «jr g) is encoded 
in k bits by 

KfK>rg)\\k= A Vi"9i)- 
i<i<k 

A constraint of the form (/ >j= g) is encoded in fc-bits by 

xii _/(/iA^i) iffc = l 

II U >f 9)\\k - | {h A ^ gk) v ((/fc ^ fffe) A || (/ > g)h _ x) iik>1 

To encode argument filtering constraints, we associate with each symbol / G 
T of arity n the propositional variables listf (which is true if and only if ir is 
not collapsing on /) and arg^ , . . . , arg^ (which indicate which arguments of / 
remain after filtering by ir). We impose for each / 6 J- of arity n a constraint 
of the form -ilistf — > ©i<i< tl <Wfl'/ where © 1 < i <„ a^ff} specifies that exactly 
one of the variables arg^ is trite and the rest are false. The argument filtering 
constraints are then encoded as follows: \\list(n(f))\\ — listf, |[7r(/) 3 i|| = argy, 
and ||7r(/) = i|| = -ilistf A arg^. 

Example 10. Consider the encoding in Ex. El which still contains partial order 
constraints and argument filtering constraints. Using the above encoding for 
these constraints, we obtain the following propositional formula. Since there are 
only ui — 2 symbols s and minus, we choose k = 1 and encode the partial order 
constraint (s >jr minus) as (si A -iminusi). 



||r(s(x) ^l PO minus(x,y))|| = {-ilist m \ nus A arg^ inus A list s A arg^) 
V(list s A list mmlls A (si A ^minusi) A 
( ar 5minus list * A argl) A ^arg 2 m - mus ) 



4 Argument Filterings and Usable Rules 

Recent improvements of the DP method 9 20 significantly reduce the number of 
rules required to be weakly decreasing in the reduction pair processor of Thm. [S] 
We first recapitulate the improved reduction pair processor and then adapt our 
propositional encoding accordingly. 

The idea is that one can restrict the set of usable rules by taking the argu- 
ment filtering into account: in right-hand sides of dependency pairs or rules, an 
occurrence of / in the i-th argument of g will never be the cause to introduce 
a usable /-rule if the argument filtering eliminates g's i-th argument. For in- 
stance, when taking 7r(QUOT) = [2] in Ex. [21 the right-hand side of the filtered 
dependency pairs do not contain minus anymore. Thus, no rule is considered 
usable. In Def. 1111 we define these restricted usable rules for a term t (initially 
corresponding to the right-hand side of a dependency pair). Here, we make the 
TRS 1Z explicit to facilitate a straightforward encoding in Def. PHI afterwards. 
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Definition 11 (Usable Rules modulo it [9 20j). Let 1Z be a TRS and ir an 

argument filtering. For any function symbol f , let Rlsn(f) — {£ ~ > r G 7Z \ 
root(^) = /}. For any term t, the usable rules U^it^TV) modulo n are given by: 

U^ix^TV) — for all variables x 
U K (f(t 1 ,...,t n ),n)=Rls n (f) U 

U^remsKU) UAr,n\Rls n {f)) U 
Ur(/ )a < UAU,K\Rls n (f)) 

For a set of dependency pairs V , let U^iV^TZ) = [J s ^ te -p U„(t, TV). 

We now refine the reduction pair processor of Thm. to consider usable rules 
modulo 7r. 

Theorem 12 (Reduction Pair Processor modulo 7r [20j). Let Qz,y) be a 
reduction pair for a simplification order y and let 7r be an argument filtering. 
Then the following DP processor Proc is sound. 



Proc{V,Tl) = 



{V \ TV- , Tl) if TV- U^^P and Tly* D U^{V, K) 
(V, 72.) otherwise 



Example 13. Consider the following TRS (together with the minus-rules J5J)) 

ge(a;,0) -> true (14) div(z, J/) -> if (ge(s5, y), Z, y) (17) 

ge(0,s(y)) -> false (15) if (true, s{x), s{y)) —> s(div(minus(a;, y), s(y))) (18) 
ge(s(a:),s(y))->ge(a:,y) (16) if (false, x, s(y)) -+ (19) 

The usable rules are the minus- and ge-rules since minus occurs in the right-hand 
side of the dependency pair IF(true, s(x),s(y)) — > DIV(minus(a;, y),s(y)) resulting 
from rule 1)18(1 and ge occurs in the dependency pair DIV(x, y) — > IF(ge(ir, y), x, y) 
resulting from rule 1(17(1 . However, if one chooses the argument filtering 7r(DIV) = 
tt(GE) = Tr(MINUS) = tt(s) = [1], tt(IF) = [2], and Tr(minus) = 1, then the ge- 
rules are no longer usable since ge does not occur in the right-hand side of the 
filtered dependency pair DIV(x) — > IF(x). Now Thm,IT2lonlv requires the filtered 
minus-rules and the dependency pairs to be decreasing. 

As demonstrated in [9120] and confirmed by the experiments described in 
Sect. El introducing argument filterings to the specification of usable rules results 
in a significant gain of termination proving power. However, Thm. 1121 is not 
straightforward to automate using SAT solvers. The technique of Sect. 03 assumes 
a given set of inequalities which is then encoded to a propositional formula. 
The problem with Thm. El is that that the set of inequalities to be oriented 
depends on the chosen argument filtering. Hence, the search for an argument 
filtering should be combined with the computation of the usable rules. Once 
again, the alternative brute force enumeration of argument filterings is hopelessly 
inefficient. Therefore, we modify the encoding of the inequalities in Formula 1(13(1 
to consider for every rule t — > r G 1Z, the condition under which I — > r is usable. 



10 



Only under this condition one has to require the inequality tt(£) £3 7r(r). To this 
end, instead of encoding formula we encode the following formula. 

A ^Ipor A f\ stlpot A \/ sylpot 031) 



(a) (b) (c) 

The subformulas (b) and (c) are identical to those in Formula and are 
encoded as a conjunction and disjunction of encodings of the forms r(s {Zlpo t) 
and r(s >-\ P o t) using Def. |S1 The definition of the usable rules in Def. ITTI 
now induces the following encoding of subformula (a) as a propositional formula 
lv{V,TZ)} Here, we reuse the encoding for "tt(/) 3 i" as presented in Sect. 
Moreover we introduce a new propositional variable u / for every defined function 
symbol / of U(V, TV) which indicates whether f's rules are usable. 

Definition 14 (Encoding Usable Rules modulo Argument Filtering). 

For a term t and a TRS 1Z the formula u>(t,7Z) is defined as follows: 

u(x,lZ) = true for ieV 

w(/(t 1 ,...,t„),'fc) = Ai<i<„M/) forf^V n 
u(f(tx,...,t n ),K)=u f A forfeV n 

Ai<<<„M/) 3i^u(u,ii\RisK(f))) 

For a set of dependency pairs V , let 



>(v,n)=( f\ W (t,^)j a I /\ U/ - f A 



LPO 

For a DP problem (V,TZ) we encode the formula Every model of this 

encoding corresponds to a precedence > jr and an argument filtering ix satisfying 
the constraints of the improved reduction pair processor from Thm. 1121 Thus, 
we can now use SAT solving to automate Thm. ^] as well. 

Example 15. Consider the TRS 1Z from Ex. El Using the encoding of Def. 1141 
for V = DP(K) we obtain: 

uj(V,K) = (tt(DIV) 3 1 -> w minus ) A (vr(IF) 3 1 -> u ge ) A 
(w m inus -> (r(minus(a;, 0) >zl PO x) A r(minus(s(a;), s(y)) >zl PO minus(a;, y)))) A 
(u ge -> (r(ge(a;, 0) £J PO true) A r(ge(0, s(y)) >\ PO false) A 
-r(ge(s(x),s(y)) ££ PO ge(x,j/)))) 



1 The definition of u can easily be adapted to more advanced definitions of usable 
rules as well, cf. e.g. [219111) . 
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5 Implementation and Experiments 

The propositional encodings for LPO with argument filterings and for the reduc- 
tion pair processors described in Sect. [3] and 0] have been fully implemented and 
integrated within the termination prover AProVE available from This Java 
implementation consists of the following main components: (a) An encoder from 
DP problems to formulas with partial order and argument filtering constraints 
(ca. 1700 lines), (b) A propositional encoder for partial order constraints fol- 
lowing |S] and for argument filtering constraints (ca. 300 lines), (c) Interfaces 
to several SAT solvers (ca. 300 lines) . For the scope of this paper all results are 
obtained using the MiniSAT solver |Hj. For the translation to conjunctive normal 
form (CNF) we used the implementation of Tseitin's algorithm [21] offered by 
SAT4J 19 - a freely available Java implementation of MiniSAT. 

Our implementation uses several optimizations to minimize encoding size: 

1. We apply basic simplification axioms for true and false as well as standard 
Boolean simplifications to flatten nested conjunctions and disjunctions. 

2. When building the formulas top-down, at each point we maintain the sets of 
atomic constraints (partial order and argument filtering) that must be true 
and false from this point on. This information is then applied to simplify 
all constraints generated below (in the top-down process) and to prune the 
encoding process. 

3. We memo and identify identical subformulas in the propositional encodings 
and instead of representing formulas as trees we represent them as directed 
acyclic graphs (or Boolean circuits). This decreases the size of the represen- 
tation considerably. For instance, consider the constraint from Ex.|5J Already 
in this tiny example, the subformula list(ir(s)) A7r(s) 9 1 occurs twice, since 
it results from the encoding of both s(x) y-^po x and s(x) y^po y- 

Optimization (0) typically reduces the number of propositional variables in 
the resulting CNF by a factor of at least 2. Optimizations Q and together 
further reduce the number of propositional variables by a typical factor of 10. 

To evaluate our new SAT-based implementation, we performed extensive 
experiments to compare it with the corresponding methods in the current non- 
SAT-based implementations of AProVE 12] and of the Tyrolean Termination Tool 
(TTT) |15| . As shown in the annual International Competition of Termination 
Tools 2004 and 2005, AProVE and TTT are the two most powerful tools for 
termination analysis of term rewriting. For our experiments, both AProVE and 
TTT are configured to consider all argument filterings. 

We ran the three tools on all 773 TRSs from the Termination Problem Data 
Base. This is the collection of examples from the annual competition of termi- 
nation tools pQ. For the experiments, the TTT analyzer is applied via its web 
interface and runs on a Xeon 2.24GHz dual-CPU platform. The AProVE analyzer 
and our new SAT-based analyzer are run on an AMD Athlon 64 at 2.2 GHz. 

Apart from the reduction pair processor, we also used the dependency graph 
processor |2I10I14| . which is the other main processor of the dependency pair 
framework. This processor is used to split up dependency pair problems into 
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smaller ones. As AProVE and TTT use slightly different techniques for estimating 
dependency graphs in the dependency graph processor and they run on different 
machines, their performance is not directly comparable. 

Tables ^ arL d [21 summarize the results using the DP processors based on 
Thm. [5] and Thm. ^] respectively. The tools are indicated as: TTT, 2 APR 
(AProVE) and SAT (AProVE with our SAT-based encoding). For each of the 
experiments we consider reduction pairs based on strict- and quasi-LPO. Each 
of the experiments was performed with a time-out of 60 seconds (corresponding 
to the way tools are evaluated in the annual competition) and with a time-out 
of 10 minutes. We indicate by " Yes" , "Fail" , and "RL" the number of TRSs for 
which proving termination with the given technique succeeds, fails, or encoun- 
ters a resource limit (time-out or exhausts memory). Finally, we give the total 
time in seconds for analyzing all 773 examples. Individual runtimes and proof 
details are available from our empirical evaluation web site [Jj]. 





LPO - 60sec t/o 


LPO - lOmin t/o 




QLPO - 


60sec t/o 


QLPO - 


lOmin t/o 


Tool 


Yes 


Fail 


RL 


Time 


Yes 


Fail 


RL 


Time 




Yes 


Fail 


RL 


Time 


Yes 


Fail 


RL 


Time 


TTT 


268 


448 


57 


4202 


269 


465 


39 


28030 




297 


395 


81 


6241 


297 


408 


68 


43540 


APR 


310 


358 


105 


6936 


310 


365 


98 


60402 




320 


331 


122 


7913 


326 


341 


106 


67764 


SAT 


327 


446 





119 


327 


446 





119 




359 


411 


3 


423 


359 


414 





563 



Table 1. 
Thm. El 



Strict-LPO (left) and Quasi-LPO (right) with the DP processor of 



The comparison of the corresponding SAT-based and non-SAT-based con- 
figurations in Tabled shows that the analyzers based on SAT solving with our 
proposed encoding are faster by orders of magnitude. Moreover, the power (i.e., 
the number of examples where termination can be proved) also increases sub- 
stantially in the SAT based configurations. It is also interesting to note that 
there are almost no time-outs in the SAT-based configurations, whereas the 
non-SAT-based configurations have many time-outs. 3 





LPO - 60sec t/o 


LPO - lOmin t/o 


Tool 


Yes 


Fail 


RL 


Time 


Yes 


Fail 


RL 


Time 


APR 
SAT 


338 
348 


368 
425 


67 



4777 
115 


341 
348 


383 
425 


49 



33329 
115 



QLPO - 60sec t/o 


QLPO - lOmin t/o 


Yes 


Fail 


RL 


Time 


Yes 


Fail 


RL 


Time 


357 
380 


323 
390 


93 
3 


6100 
435 


359 
380 


336 
393 


78 



49934 
587 



Table 2. Strict-LPO (left) and Quasi-LPO (right) with the DP processor of 
Thm. [13 

Table |21 provides results using the improved reduction pair processor of 
Thm. El Again, the SAT-based configuration is much faster than the corre- 
sponding non-SAT-based one. The comparison with Table shows that replac- 



2 TTT offers two algorithms to search for argument filterings. We used the "divide- 
and-conquer" -algorithm, since it is usually the more efficient one. 

3 To evaluate the optimizations on p. 1121 we also tested the SAT-based configuration 
with strict-LPO and the 10-minute time-out in a version where optimizations (2) 
and © are switched off. Here, the total runtime increases from 119 to 1968 seconds. 
Thus, optimizations (2) and (3) already decrease the total runtime by a factor of 16. 
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ing the processor of Thm.[3]by the one of Thm. IT2l increases power significantly 
and has no negative influence on runtimes. 

In both tables, the comparison between strict- and quasi-LPO (of correspond- 
ing configurations) shows that quasi-LPO is more powerful but also slower than 
strict-LPO. However, for the SAT-based analyses, the overall runtimes are still 
extremely fast in comparison to the non-SAT-based configurations. 

Table |3 highlights 5 examples which could not be solved by any tool in the 
International Termination Competition 2005, whereas the SAT-based configu- 
ration proves termination for all 5 in a total of 5.3 seconds. In fact, except for 
the second example, neither TTT nor AProVE are able to prove termination 
in their fully automatic mode within 10 minutes. This demonstrates that our 
encoding advances the state of the art of automated termination analysis. The 
columns labeled TTT, APR, and SAT indicate for the three tools the analy- 
sis times in seconds (to find a proof of termination) and "t/o" indicates a 10 
minute timeout. For each of the examples and tools, the time indicated is for 
the fastest configuration from those described in Tables and [3 For the sec- 
ond and third example, TTT's "divide-and-conquer" -algorithm times out, but its 
"enumeration" -algorithm (which is usually less efficient) finds a solution within 
10 minutes. Therefore, here the runtimes are given in brackets. The last four 
columns give details on the termination proof with SAT. Column 4 and 5 indi- 
cate the number of clauses and the number of literals for the largest CNF which 
occurred during the proof (ranging over all dependency pair problems encoun- 
tered). Columns 6 and 7 indicate the time (in milliseconds) for encoding and for 
SAT solving (the rest of the time is spent for reading and parsing, producing 
outputs, computing dependency graphs, etc). 



Example 


TTT 


APR 


SAT 


# clauses 


# literals 


encod. time 


SAT time 


Ex26_Luc03b_Z 


t/o 


t/o 


0.95 


11335 


29794 


117 


44 


Ex2_Luc02a_C 


(476.8) 


t/o 


1.31 


7968 


21385 


159 


16 


Ex49_GM04_C 


( 25.8) 


44.4 


1.14 


6641 


17654 


213 


12 


ExSecll_l_Luc02a_C 


t/o 


t/o 


1.32 


9187 


24536 


159 


20 


ExSecll_l_Luc02a_GM 


t/o 


t/o 


0.58 


18158 


48072 


221 


52 



Table 3. Five hard examples: SAT solving increases termination proving power 



6 Conclusion 

In |S] the authors demonstrate the power of propositional encoding and ap- 
plication of SAT solving to LPO termination analysis. This paper extends the 
SAT-based approach to consider the more realistic setting of dependency pair 
problems with LPO and argument filtering. The main challenge derives from 
the strong dependencies between the notions of LPO, argument filterings, and 
the set of rules which need to be oriented. The key to a solution is to intro- 
duce and encode in SAT all of the constraints originating from these notions 
into a single search process. We introduce such an encoding and through im- 
plementation and experimentation prove that it meets the challenge yielding 
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speedups in orders of magnitude over existing termination tools as well as in- 
creasing termination proving power. To experiment with our SAT-based imple- 
mentation and for further details on our experiments please visit our web page 
at http://aprove.informatik.rwth-aachen.de/eval/SATLPO 6 . 
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